Re: [Curdle] Kathleen Moriarty's Yes on draft-ietf-curdle-ssh-dh-group-exchange-05: (with COMMENT)

Daniel Migault <daniel.migault@ericsson.com> Fri, 22 September 2017 13:38 UTC

I am sure he will.
Yours,
Daniel

From: Curdle [mailto:curdle-bounces@ietf.org] On Behalf Of Eric Rescorla
Sent: Friday, September 22, 2017 9:35 AM
To: Mark D. Baushke <mdb@juniper.net>
Cc: curdle <curdle@ietf.org>; Salz, Rich <rsalz@akamai.com>; draft-ietf-curdle-ssh-dh-group-exchange <draft-ietf-curdle-ssh-dh-group-exchange@ietf.org>; curdle <curdle-chairs@ietf.org>; Daniel Migault <daniel.migault@ericsson.com>; Loganaden Velvindron <logan@hackers.mu>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>; The IESG <iesg@ietf.org>
Subject: Re: [Curdle] Kathleen Moriarty's Yes on draft-ietf-curdle-ssh-dh-group-exchange-05: (with COMMENT)

Chairs: do we expect Loganaden to make changes?

-Ekr


On Wed, Sep 20, 2017 at 9:27 AM, Mark D. Baushke <mdb@juniper.net> wrote:
Hi Kathleen,

Aside: Regarding SHOULD+ and SHOULD- in IETF drafts...

    The draft-ietf-curdle-ssh-kex-sha2-08.txt edition of that document
    defined and used SHOULD+ and SHOULD-, but many reviewers did not like
    them. So, I removed them from the draft-ietf-curdle-ssh-kex-sha2-09.txt
    edition.

Regarding the language in the current draft...

The primary author of draft-ietf-curdle-ssh-dh-group-exchange-05 is
Loganaden Velvindron.

I believe that he is the one who should make any changes to the
document to address comments provided in this review process.

I have no objections to suggesting that MIN value SHOULD be 2048
and that n SHOULD be 3072 or be capable of being set to 3072 by
an implementation as 2048 is not expected to need to be updated
within the next five years, perhaps abruptly. I actually think
that this would be a good idea.

Does this make sense to anyone else?

        Thanks,
        -- Mark